tlug.jp Mailing List Archive
Re: [tlug] Snort and IP tables
- Date: Thu, 26 Feb 2004 11:53:00 +0900
- From: Thomas Savarimuthu <viswas_thomas@example.com>
- Subject: Re: [tlug] Snort and IP tables
- References: <87514FF5916BD511A0E60008C709457CF663@example.com>
- User-agent: KMail/1.5.4
If you look at the snort configuration, it allows you to define as many custom network groups based on IP. Then the rules are set "src network to dst network". I think squid runs as forward cache, right? If so, if IPtables allows all established connections, inside to outside connection shouldn't be disturbed by snort scanning. Add all rules to scan the packets from outside --> inside (of course inside to outside if needed).

-Thomas

On Thursday February 26 2004 10:20, patrick.niessen@example.com wrote:
> I want to run snort on one of my servers that also provides other services
> (eg. squid). This server has been protected with IPTABLES, only allowing
> legitimate connections.
>
> Is it possible to run snort as an ids on the same machine, or will IPTABLES
> block all not permitted protocols?
>
> Patrick